The AlienVault Blogs: Taking On Today’s Threats

The most recent posts from across the AlienVault blogs.

Subscribe: Via Email | RSS


Late-breaking discoveries and in-depth analysis.

Subscribe: Via Email | RSS


Practical, how-to advice, tips and guidance.

Subscribe: Via Email | RSS

Every few days on 'Infosec Twitter', I come across another example of a site that breaks password manager functionality by disabling the ability to paste into the password field. Generally, customer service representatives for those sites will vaguely explain that this is being done for "security reasons" - despite the fact that current best practices recommend the very password managers… Read more

Tags: phishing, xss, password manager

We asked users of the Spiceworks community to tell us the one word, or catch-phrase, they hate to hear as IT professionals. As you might have guessed, we got a lot of words in return! Here is a small sample of their responses: Over-used Words It used to be "cloud" and "storage is cheap.” Lately, though, it has been… Read more

Tags: it

Botnet C&C servers issue commands in many ways Recently I discussed botnets and the way they represent an ongoing and evolving threat to corporate IT security. This time I’ll be discussing the problem at its source — command and control (C&C) server detection — and the best practices available to help companies deal with… Read more

Tags: botnet, command and control, c&c

This is Part 6 of a 'How-To' effort to compile a list of tools (free and commercial) that can help IT administrators comply with SANS’ Security Controls. A summary of previous posts Part 1 - we looked at Inventory of Authorized and Unauthorized Devices. Part 2 - we looked at Inventory of Authorized and Unauthorized Software. Part 3 - we looked at Secure… Read more

Tags: sans, application security

Ultrasound is supposed to be our friend. However, the security world was made aware last week of a technology being used by an outfit named "SilverPush" that is utilizing a new and unusual method for tracking mobile phone users with ultrasound signals. The basic story is that the company is embedding a tracking beacon in advertisement audio using ultrasound frequencies… Read more


Get Email Updates

Labs Research
Security Essentials
All Blogs

Gartner MQ

Featured Content